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(57) Abstract: An apparatus and method for communicating electronic data 
via a network infrastructure (101) having a unicast mechanism and a mul- 
ticast mechanism. Said apparatus comprises a server (100), which contains 
elecu-oriic data and is capable of using said unicast and muJUcasi mecha- 
nisms for communicating said electronic data to one or more clients (lO'') 
the apparatus comprises means (103) adapted to make a decision, taking into 
account a predetermined set of parameters, whether said server (100) shall 
use said unicast mechanism or said multicast mechanism for communicat- 
mg said electronic data to said clients ( 102) and said server ( 1 00) is arranged 
to communicate said electronic data to said clients (102) in accordance with 
said decision. 
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Communication of electronic data via a network infrastruc- 
ture 

FIELD OF THE INVENTION 

The present invention relates broadly to the field of communica- 
tion of electronic data between server and client via a network 
infrastructure. 

DESCRIPTION OF RELATED ART 

Presently, communication of electronic data via network infra- 
structures is widely used for various purposes. In recent years 
there has been a rapid increase in products and services pro- 
vided via network infrastructures in general, but first and fore- 
most via the Internet, i.e. the well-known global collection of in- 
, terconnected networks using Transmission Control Protocol / 
Internet Protocol (TCP/IP) protocols. For example, one increas- 
mgly popular application where electronic data is communicated 
via a network infrastructure is on-demand supply of different 
kinds of multimedia, such as music and video. That is, electronic 
data representing the multimedia is communicated from a 
source, for instance a se.rver. to a recipient, for instance a cli- 
ent, upon a request by the recipient. 

There are different ways of communicating electronic data from 
a source to one or more recipients, unicast and multicast being 
two frequently used alternatives. 
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The term "unicast" denotes communication of electronic data 
from one source to one single recipient, which is the most com- 
mon type of communication. 

5 The term "multicast" refers to communication of electronic data 
from one source to a group of recipients, i.e. the network multi- 
cast group. Multicasting is an efficient way of communicating 
data to multiple recipients in that data sent from the source is 
only copied where the paths in the network diverge. Thus, only 
10 one copy of the data will pass any link in the network and, ac- 
cordingly, less bandwidth is used compared to communicating 
the same data to each recipient using unicast. 

Even though the number of multicast applications is increasing, 
15 unicast is still the most common way of communicating data! 
Consequently, there is a great waste of bandwidth due to use of 
unicast when multicast would be preferred. On the other hand, 
using multicast for data communication is not always efficient 
with respect to the use of network resources, for instance in 
20 case of only a few recipients. 

Thus, there is a need for more efficient use of available network 
resources when communicating data to a number of recipients. 

25 When multicasting electronic data to multiple recipients, 
achieving secure data communication is a problem. Since only 
one copy of the data is sent from the source to all recipients, the 
data is encrypted using the same encryption key for all recipi- 
ents. Thus, all recipients use the same key for decoding the en- 

30 crypted data. Consequently, most of the proposed solutions ad- 
dressing the problem of secure multicasting are based on se- 
cure distribution to the recipients of the group key. i.e. the en- 
cryption key shared by source and recipient for encryption of the 
multicast data. Public-key encryption can of course be utilized. 

35 in which case the same private key will be used by all recipients.' 
However, all clients sharing the same encryption key enables 



5DOCID: <WO 02067499A1_I_> 



wo 02/067499 



PCT/SE02/00299 



3 



unauthorized copying and distribution of encryption keys, which 
constitutes a problem needing to be addressed. 

Another problem of secure multicasting of data is to obtain a 
5 scalable solution. I.e. a solution that efficiently handles large 
group sizes and frequent changes in the number of recipients. 

U.S. patent 5.748,736 describes a system and method for se- 
cure group communications via multicast or broadcast. By using 
10 so called trusted intermediary (Tl) servers to create a hierarchy 
of secure multicast networks, a scalable solution Is achieved. 
However, the problem of unauthorized copying and distribution 
of encryption keys remains for each secure sub-network in said 
hierarchy. 

15 

As stated above, multicast is advantageous for communicating 
electronic data to multiple recipients. However, when using mul- 
ticast, the data is communicated simultaneously to all recipients. 
Thus, there is a problem in providing on-demand functionality 
20 when using multicast, since different recipients may request the 
same data at different times. 

SUMMARY OF THE INVENTION 

25 A first object of the present Invention is to provide a solution for 
communicating electronic data from a server to one or more cli- 
ents via a network Infrastructure, which better utilizes the avail- 
able resources in said network Infrastructure. 

30 According to one aspect of the present invention this first object 
IS achieved by an apparatus for communicating electronic data 
via a network infrastructure as initially described, which 
comprises means adapted to make a decision, taking Into 
account a predetermined set of parameters, whether said server 

35 shall use said unicast mechanism or said multicast mechanism 
for communicating said electronic data to said clients and that 



300CID: <WO 02067499A1_L> 



wo 02/067499 



PCT/SE02/00299 



said server is arranged to communicate said electronic data to 
said clients in accordance with said decision. The ability to 
choose between unicast and multicast thus enables a more 
efficient utilization of available resources in said network 
5 infrastructure. Said parameters define when to use multicast and 
when to use unicast for communicating said data so that the 
resources In said network Infrastructure are used In an 
advantageous manner. 

10 According to another aspect of the invention the first object Is 
achieved by a method for communicating electronic data as ini- 
tially described, comprising the steps of making a decision 
taking into account a predetermined set of parameters, whethe^ 
to use said unicast mechanism or said multicast mechanism for 

15 communicating said electronic data to said clients and 
controlling said server to communicate said electronic data to 
said clients in accordance with said decision. 

According to yet another aspect of the invention the first object 
20 IS achieved by a computer program directly loadable into the 
internal memory of a computer, comprising software for control- 
ling the method described In the above paragraph when said 
program is run on the computer. 

25 According to a further aspect of the invention the first object is 
achieved by a computer readable medium, having a program re- 
corded thereon, where the program is to make a computer con- 
trol the method described in the penultimate paragraph above. 

30 A second object of the invention Is to provide secure multicast- 
mg of electronic data, while avoiding the problems stated above. 

According to one aspect of the present invention this second 
object IS achieved by a method for secure multicasting of elec- 
35 tronic data as initially described, comprising the steps of- 
obtammg a first data encryption key. calculating a second data 
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encryption key for each of said clients through a predetermined 
operation using a unique client identifier and said first data 
encryption key, communicating said second data encryption 
keys to each respective client, encrypting the electronic data to 
5 be communicated using a third data encryption key cor- 
responding to the difference between said first and second data 
encryption keys according to said predetermined operation, 
communicating the encrypted electronic data to each respective 
client, creating said third data encryption key at each of said cli- 

10 ents using said first and second data encryption keys, and de- 
crypting the communicated electronic data at each of said cli- 
ents using said third data encryption key. In this way, each cli- 
ent receives a unique encryption key, which prevents unauthor- 
ized distribution of encryption keys. Furthermore, since said 

15 data Is encrypted with the same encryption key for all clients, 
this solution is scalable. 

According to yet another aspect of the invention the second ob- 
ject is achieved by a computer program directly loadable Into the 
20 internal memory of a computer, comprising software for control- 
ling the method described in the above paragraph when said 
program is run on the computer. 

According to a further aspect of the invention the second object 
25 is achieved by a computer readable medium, having a program 
recorded thereon, where the program is to make a computer 
control the method described In the penultimate paragraph 
above. 

30 According to still a further aspect of the Invention the second 
object is achieved by a system for secure multicasting of elec- 
tronic data as initially described, In which each of said clients Is 
adapted to communicate a first data encryption key to a device, 
said device is adapted to calculate a second data encryption key 

35 for each of said clients through a predetermined operation using 
a unique client Identifier and said first data encryption key. said 
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device is adapted to communicate said second data encryption 
i<eys to each respective client, said server is adapted to encrypt 
the electronic data to be communicated using a third data 
encryption key corresponding to the difference between said 
first and second data encryption keys according to said 
predetermined operation, said server is adapted to communicate 
the encrypted electronic data to each respective client, each of 
said clients is adapted to create said third data encryption key 
using said first and second data encryption keys, and each of 
said clients is adapted to decrypt the communicated electronic 
data using said third data encryption key. 



A third object of the Invention is to provide at least nearly on- 
demand functionality when using multicast for communicatinq 
15 electronic data. 

According to one aspect of the present Invention this third object 
IS achieved by a method for multicasting electronic data from a 
server to one or more clients via a network Infrastructure in 
which said multicast electronic data is looped. In this way it Is 
possible for each client to start receiving the multicast electronic 
data from the beginning of the loop. 

According to a preferred embodiment of the invention, a method 
as described in the above paragraph Is provided, in which a 
plurality of data streams containing electronic data representing 
the same media content are multicast, each data stream is 
multicast to a different multicast address, and each data stream 
starts at a time different from the starting time of any other of 
said data streams. This enables each client to select which one 
of the plurality of data streams to receive, i.e. which multicast 
group to join. Having a plurality of looped data streams to 
choose from, each client may select to start receiving the 
multicast electronic data from the data stream, which first 
35 reaches the beginning of the loop. 
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According to yet another aspect of the Invention the third object 
Is achieved by a computer program directly loadable into the 
internal memory of a computer, comprising software for control- 
ling the method described In the above paragraph and the pe- 
5 nultimate paragraph above when said program is run on the 
computer. 

According to a further aspect of the invention the third object is 
achieved by a computer readable medium, having a program re- 
10 corded thereon, where the program is to make a computer con- 
trol the method described in the penultimate paragraph above 
and the last paragraph but two above. 

According to still another aspect of the invention the third object 
15 is achieved by providing a system for multicasting electronic 
data via a network infrastructure as Initially described, in which 
said server is adapted to multicast said electronic data in a 
looped manner. 

20 According to a preferred embodiment of the invention, a system 
as described in the above paragraph is provided, in which said 
server is adapted to multicast a plurality of data streams 
containing electronic data representing the same media content 
said server is adapted to multicast each data stream to a 

25 different multicast address, and each data stream is arranged to 
start at a time different from the starting time of any other of 
said data streams. 

A fourth object of the invention is to provide better media quality 
30 for clients, which receive electronic data representing media 
content from a server. 

According to one aspect of the present invention this fourth ob- 
ject is achieved by a method for multicasting electronic data as 
35 initially described, comprising the steps of: encoding a plurality 
of data streams containing electronic data representing the 
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same media content according to a layered encoding so that 
each of said data streams is encoded with a common base layer 
and a unique enhancement layer different from the enhancement 
layer of any other of said data streams, multicasting each of 
5 said data streams to a different multicast address, and 
combining the base layer of one data stream with enhancement 
layers from at least two different of said data streams. By 
combining several enhancement layers, a higher media quality 
Is achieved compared with receiving only one of said data 
10 streams. 

Further advantages as well as advantageous features of the In- 
vention will appear from the following description and dependent 
claims. 



15 



30 



BRIEF DESCRIPTION OF THE DRAWINGS 



With reference to the appended drawings, below follows a spe- 
20 cific description of preferred embodiments of the invention cited 
as examples. 

Fig. 1 shows an apparatus for communicating electronic data 
via a network Infrastructure according to a preferred 
25 embodiment of the invention, 

Fig. 2 shows an apparatus for communicating electronic data 
via a network infrastructure according to another 
preferred embodiment of the invention. 



Fig. 3 illustrates, by means of a flow diagram, a general 
method according to the invention for communicating 
electronic data via a network infrastructure, 
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Fig. 4 shows a system for secure multicasting of electronic 
data according to a preferred embodiment of the 
invention, 

Fig. 5 shows a system for secure multicasting of electronic 
data according to another preferred embodiment of 
the invention, 

Fig. 6 illustrates, by means of a flow diagram, a general 
method according to the invention for secure 
multicasting of electronic data, and 

Fig. 7 shows a system for multicasting electronic data 
according to the invention. 

DESCRIPTION OF PREFERRED EMBODIMENTS OF THE IN- 
VENTION 



As will become evident to persons skilled in the art, features and 

20 aspects of the present invention may be implemented by any 
suitable combination of hardware, software and/or firmware. In 
accordance with the present invention, a server may comprise 
for example, one or more processors, long-term storage devices 
and short-term storage devices, communication means. 

25 application programs etc. Said storage devices may store 
electronic data, such as application software, database tables, 
audio, video etc for communication thereof to clients. All parts 
mentioned may be of any suitable kind. The client may comprise 
one or more processors, short-term and long-term storage 

30 devices, communication means, and suitable application 
programs. While , applicable to all types of electronic data 
transfer, the present invention is particularly applicable to on- 
demand distribution and delivery of real-time data, such as 
audio and video. The term "real-time" refers to the requirement 

35 of timely transmission and delivery of said data. 
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Fig 1 illustrates an apparatus for communicating electronic data 
via a network infrastructure 101 according to a preferred 
embodiment of the present Invention. The network infrastructure 
101 may comprise a Transmission Control Protocol / Internet 
5 Protocol (TCP/IP) network such as the Internet. For 
transmission of real-time data such as digitized audio or video 
via said network preferably the Real-Time Transport Protocol 
(RTF) is used. Preferably, also the protocol designed to work In 
conjunction with RTP and known as the Real-Time Control 
10 Protocol (RTCP) is utilized to get feedback on quality of data 
transmission and information about participants In on-going 
sessions of data transmission. Furthermore, said network 101 
provides a unicast mechanism and a multicast mechanism. Said 
apparatus comprises a server 100, which contains electronic 

15 data. That is, the server 100 has electronic data stored in 
storage devices. The electronic data may represent any kind of 
Information that may be stored in storage devices. For example, 
said electronic data may be real-time data such as audio or 
video data. Preferably, the data may be separate data streams 

20 representing specific media content, such as for instance audio 
and video clips, making the server a media server, i.e. a 
provider of media content. It is pointed out that this is only one 
kind of data for which the invention is suitable and that any 
other data also could be communicated by means of the appa- 

25 ratus according to the Invention. 

Furthermore, three clients 102 are shown in fig 1. It is to be un- 
derstood that at any given time the number of clients may be 
more or less than three. Said clients 102 and said server 100 is 

30 connected to the network infrastructure 101. The network con- 
nections are formed via suitable connections means, which are 
known per se and will therefore not be described further. Said 
server 100 is capable of using said unicast and multicast 
mechanisms for communicating said electronic data to one or 

36 more clients 102. Said apparatus comprises means 103 adapted 
to make a decision, taking into account a predetermined set of 
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parameters, whether the server 100 shall use said unlcast 
mechanism or said multicast mechanism for communicating said 
electronic data to the clients 102 and the server 100 is arranged 
to communicate said electronic data to the clients 102 in accor- 
5 dance with said decision. In this way, a better utilization of the 
available resources In the network infrastructure 101 Is 
achieved. In the embodiment Illustrated in fig 1 said means 103 
is included In said server 100. 

10 The clients 102 make requests to the server 100, via the net- 
work Infrastructure 101. for electronic data to be communicated. 
According to a preferred embodiment of the present Invention 
said means 103 is adapted to make said decision based on the 
number of client requests or said electronic data to be commu- 
15 nicated from the server 100 per unit of time as one of said pa- 
rameters. Preferably, said means 103 is adapted to decide for 
said multicast mechanism to be used for communicating said 
electronic data to the clients 102 when said number of client re- 
quests for said electronic data to be communicated from the 
server 100 per unit of time is > 2 and otherwise for said unicast 
mechanism to be used. That is, when the number of client re- 
quests to the server 100 for data to be communicated to the cli- 
ents 102 Increases, the decision is preferably to use said multi- 
cast mechanism for communicating the data to the clients 102. 
25 Accordingly, when there Is less than two requests per unit of 
time to the server, unicast is preferably used for communicating 
said data to the clients 102. 

According to another preferred embodiment of the present in- 
30 vention said means 103 is adapted to make said decision based 
on the number of client requests for a portion of said electronic 
data to be communicated from the server 100 as one of said pa- 
rameters. As stated above, but not limiting the invention in any 
way, the data is preferably contained in the server as individual 
35 data streams representing specific media content such as audio 
clips or video clips. Accordingly, the means 103 is preferably 
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adapted to make said decision based on the number of client 
requests for an Individual data stream to be communicated from 
said server as one of said parameters. Preferably, when there is 
two or more client requests for said portion of said electronic 
5 data to be communicated from the server 100. the decision is for 
said multicast mechanism to be used for communicating said 
portion to the clients 102. This Is achieved In that the means 
103 is adapted to decide accordingly. 

10 According to another preferred embodiment of the Invention, the 
means 103 is adapted to make said decision based on the num- 
ber of client requests for said electronic data to be communi- 
cated from the server 100 within the same distance from the 
server 100 as one of said parameters. This means that the rela- 
15 tive distance between the server 100 and each client 102 is to 
be considered when making said decision. The distance is of 
course not necessarily the physical distance between the server 
100 and the client 102. The distance referred to is the distance 
m the network Infrastructure 101. Preferably, said distance is 
defined by a TTL (Time To Live) value. The TTL-technique is 
used in best effort delivery systems to avoid endlessly looping 
packets. Each data item, for example an IP-datagram, is as- 
signed a TTL-value. i.e. a time to live. This value is decreased 
by each router that the data reaches. Said means 103 is pref- 
25 erably adapted to decide for said multicast mechanism to be 
used for communicating the data to the clients 102 when the 
number of client requests for the data to be communicated from 
the server 100 within the same distance from the server 100 is ^ 
2 and otherwise for said unicast mechanism to be used 

30 

Furthermore, according to another preferred embodiment of the 
invention, the means 103 is adapted to make said decision 
based on available server output bandwidth as one of said pa- 
rameters. The means 103 is preferably adapted to decide for 
35 said multicast mechanism to be used when the available server 
output bandwidth Is less than that required to communicate fur- 
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ther electronic data as a response to a client request and other- 
wise for said unicast mechanism to be used. 

The condition referred to in the above paragraph is the follow- 
5 ing. When the server 100 already is occupied with communicat- 
ing electronic data to clients so that the remaining bandwidth 
not allows another unicast connection to be established between 
the server 100 and a client 102 upon a request, the decision 
should be to switch from using unicast for communicating elec- 
10 tronic data to using said multicast mechanism for communicating 
electronic data to the client 102. 

It will be appreciated by persons skilled in the art that none of 
the above mentioned parameters is to be considered alone when 
15 making said decision. All of the parameters above are preferably 
considered together when making the decision whether to use 
said multicast or unicast mechanism. The decision shall of 
course be made so that the available resources in the network 
infrastructure 101 are used in the best way possible at all times. 
20 Thus, the parameters are not to be construed as to limit the in- 
vention in any way. For example, when considering the number 
of client requests for a portion of the electronic data contained 
In the server 100, for instance an individual data stream repre- 
senting a video or audio clip, the number of requests should be 
25 considered also with respect to the time of the request so that 
the decision Is to use said multicast mechanism when there are 
two or more requests for the same portion of electronic data per 
unit of time. Preferably said requests should also stem from cli- 
ents within a certain time to live value with respect to the server 
100. However, If there are few, for Instance two. requests for the 
same portion of electronic data stemming from clients far away 
from the server 100. It may be advantageous to establish two 
unicast connections instead of using multicast for communicat- 
ing said data. Thus, the parameters are preferably not consid- 
ered individually, but together to achieve advantageous use of 
the available resources In the network infrastructure. 



30 
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Referring now to fig 2. there is illustrated an apparatus for com- 
municating electronic data via a network infrastructure 101 ac- 
cording to another preferred embodiment of the present Inven- 
tion. This embodiment is much similar to the one illustrated In fig 
1, but here the apparatus also comprises an additional server 
110, which is connected to the network infrastructure 101. As 
illustrated in fig 2, the means 103 for making said decision Is in- 
cluded in the additional server 110. The additional server 110 
may, for instance, be configured as a World Wide Web (www) 
server having links to the electronic data contained in the server 
100. Otherwise, this embodiment illustrated in fig 2 is substan- 
tially similar to the embodiment in fig 1 and will therefore not be 
described further. 

Fig. 3 illustrates, by means of a flow diagram, a general method 
according to the invention for communicating electronic data 
from a server to one or more clients via a network infrastructure 
having a unicast mechanism and a multicast mechanism. The 
server contains electronic data and Is capable of using said uni- 
cast and multicast mechanisms for communicating said elec- 
tronic data to said one or more clients. A first step 301 makes a 
decision, taking into account a predetermined set of parameters, 
whether to use said unicast mechanism or said multicast 
mechanism for communicating said electronic data to said cli- 
ents. The following step 302 controls said server to communi- 
cate said electronic data to said clients in accordance with said 
decision. 

30 Now referring to fig 4. there Is Illustrated a system for secure 
multicasting of electronic data via a network infrastructure 401 
Said network infrastructure 401 Is preferably substantially simi- 
lar to the network infrastructure 101 described above and will 
therefore not be described further. The system comprises a 
server 400 containing electronic data and a plurality of clients 
402 to which said server 400 is adapted to multicast said elec- 
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tromc data As Illustrated, the server 400 Is connected to the 
network infrastructure 401. Also the clients 402 are connected to 
he network infrastructure 401. in fig 4. three clients 402 are il- 
lustrated. However, at any given time the number of clients may 
be more or less than three. Each client 402 is adapted to com- 
municate a first data encryption key to a device 403. The device 
403 IS in the Illustrated embodiment included in the server 400 
Furthermore, the device 403 is adapted to calculate a second 
data encryption key for each client 402 through a predetermined 
operation using a unique client identifier, preferably the IP ad- 
dress of the respective client 402. and said first data encryption 
key. The device 403 is adapted to communicate said second 
data encryption keys to each respective client 402. The server 
400 IS adapted to encrypt the electronic data to be communl- 
cated using a third encryption key corresponding to the differ- 
ence between said first and second data encryption keys ac- 
cording to said predetermined operation. The server 400 is 
adapted to communicate the encrypted electronic data to each 
respective client 402. Each client 402 is adapted to create the 
third data encryption key using said first and second data en- 
cryption keys. Each client 402 is adapted to decrypt the commu- 
nicated electronic data using the third data encryption key. Con- 
sequently, this solution is scalable, since It is applicable to any 
number of clients at any given time. Furthermore, since each 
client 402 receives a unique second data encryption key unau- 
thorized copying of encryption keys between clients is pre- 
vented. Still, there is no need for encrypting the data to be 
commumcated more than once, namely at the server 400 before 
communicating the data. Thus, there is no special requirement 
on hardware or software between the server 400 and the clients 
402 as regards encryption. The system thus provides secure 
multicasting of electronic data. 

In an alternative embodiment shown in fig 5. much similar to the 
embodiment shown in fig 4. the system also comprises an addi- 
tional server 410 and preferably said device 403 is included in 
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the additional server 410. This is advantageous in that the 
server 400 then only needs to communicate encrypted electronic 
data to each client 402, while the additional server 410 takes 
care of the calculation and communication of encryption keys to 
5 each client 402. 

To prevent data to be communicated to unauthorized clients, 
said device 403 Is preferably adapted to communicate said sec- 
ond data encryption keys only to clients 402 sending RTCP 
10 (Real Time Control Protocol) messages containing receiver re- 
ports. Thus, clients not sending any receiver reports will not re- 
ceive any keys and thereby unauthorized clients are not able to 
decrypt the communicated data. 

15 Fig 6 illustrates, by means of a flow diagram, a general method 
for secure multicasting of electronic data from a server to a plu- 
rality of clients via a network infrastructure according to the in- 
vention. A first step 601 obtains first data encryption keys from 
each client, which are to receive electronic data. In a following 

20 step 602 second data encryption keys are calculated for each of 
the clients. Said second data encryption keys are calculated 
through a predetermined operation using a unique client identi- 
fier, preferably the IP address of the client, and said first data 
encryption key. A subsequent step 603 encrypts the electronic 

25 data to be communicated to each client. The data is encrypted 
using a third data encryption key. which corresponds to the dif- 
ference between said first and second data encryption keys ac- 
cording to the predetermined operation. Then, in a step 604, the 
encrypted electronic data is communicated to each respective 

30 client. Thereafter, the third data encryption key is created at 
each of said clients using said first and second data encryption 
keys in a step 605. Finally, each client decrypts the communi- 
cated electronic data using said third data encryption key in a 
step 606. 

35 
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Fig 7 illustrates a system for multicasting electronic data via a 
network infrastructure 701. Said network infrastructure 701 Is 
preferably substantially similar to the network infrastructure 101 
described above and will therefore not be described further. The 
system comprises a server 700 containing electronic data and a 
plurality of clients 702 to which the server 700 is adapted to 
multicast said electronic data. The server 700 is adapted to 
multicast said electronic data in a looped manner. For example, 
the electronic data to be multicast may be individual data 
streams representing some specific media content, such as for 
Instance an audio or video clip. The term "looped manner" im-- 
plies that when the electronic data has reached the end it starts 
over from the beginning again. If. for instance, the electronic 
data is a video clip, each client is able to wait until the begin- 
15 ning of the video clip before starting to watch. However, if the 
clip is very long, the time to wait until the playout of the elec- 
tronic data reaches the beginning of the clip may become unac- 
ceptably long. 

20 Therefore, according to a preferred embodiment of the present 
invention, the server 700 is adapted to multicast a plurality of 
data streams containing electronic data representing the same 
media content and multicast each data stream to a different 
multicast address 703. Furthermore, each data stream Is ar- 

25 ranged to start at a time different from the starting time of any 
other of said data streams. That is, the media content in said 
data streams are time shifted compared to each other. In this 
way. each client may choose to join the playout session, which 
reaches the starting point first, or to join the playout that has 

30 lasted the shortest time. That is. each client may join the multi- 
cast group, i.e. listen to the multicast address, to which the de- 
sired data is communicated from the server. Thus, at least 
nearly on-demand functionality Is achieved. 

35 If several time shifted data streams are multicast to a plurality of 
multicast addresses, an opportunity exists to achieve higher 



ISDOCID: <WO 02067499A1.L> 



. m< 

WO 02/067499 



PCT/SE02/00299 



18 



media quality for the clients. According to a preferred embodi- 
ment of the invention, each data stream is part of a layered en- 
coding so that each individual data stream is encoded with a 
common base layer and a unique enhancement layer, which is 

5 different from the enhancement layer of any other of said data 
streams. Each client is adapted to combine the base layer of 
one data stream with enhancement layers from at least two dif- 
ferent of said data streams thus obtaining a higher media qual- 
ity. The obtaining of high media quality, however, requires a 

0 longer buffering time since the data streams are time shifted 
compared to each other. 

According to yet another alternative embodiment of the present 
invention, the separate data streams are not time shifted com- 
5 pared to each other. According to this embodiment there is no 
need for longer buffering to achieve high media quality, but then 
the better on-demand functionality as described above may not 
be achieved. 



20 The invention is of course not restricted to the embodiments de- 
scribed above, but many possibilities to modifications thereof 
may be envisaged by persons skilled in the art without departing 
from the scope of the invention as defined in the appended 
claims. 

25 

It is pointed out that many combinations of the embodiments de- 
scribed above are possible. For instance, the embodiments of 
the invention described with reference to figs. 1-3 may make use 
of the solution for achieving secure multicasting of esectronic 
30 data as described with reference to figs. 4-6 as well as the solu- 
tion for achieving on-demand functionality as described with ref- 
erence to fig 7, when the decision is for said multicast mecha- 
nism to be used. 
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Claims 



1. An apparatus for communicating electronic data via a network 
mfrastructure (101; 401; 701) having a unicast mechanism and a 
5 multicast mechanism, said apparatus comprising a server (100- 
400; 700). which contains electronic data and is capable of 
usmg said unicast and multicast mechanisms for communicating 
said electronic data to one or more clients (102; 402- 702) 
characterized in that it comprises means (103) adapted to make 
10 a decision, taking into account a predetermined set of 
parameters, whether said server (100; 400; 700) shall use said 
unicast mechanism or said multicast mechanism for 
communicating said electronic data to said clients (102- 402- 
702) and that said server (100; 400; 700) is arranged to 
communicate said electronic data to said clients (102; 402" 702) 
in accordance with said decision. 

2. An apparatus according to claim 1. characterized In that said 
means (103) Is included in said server (100; 400; 700). 

3. An apparatus according to claim 1 or 2. characterized in that 
It comprises an additional server (110; 410) and that said means 
(103) for making said decision is included in said additional 
server (110; 410). 



15 



20 



25 

4. An apparatus according to any of claims 1-3. characterized 
in that said means (103) is adapted to make said decision based 
on the number of client requests for said electronic data to be 
communicated from said server (100; 400; 700) per unit of time 

30 as one of said parameters. 

5. An apparatus according to claim 4. characterized in that said 
means (103) is adapted to decide for said multicast mechanism 
to be used for communicating said electronic data to said clients 

35 (102; 402; 702) when said number of client requests for said 
electronic data to be communicated from said server (100; 400- 
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700) per unit of time is >= 2 and otherwise for said unicast 
mechanism to be used. 

6. An apparatus according to any of claims 1-5. characterized 
in that said means (103) is adapted to make said decision based' 
on the number of client requests for a portion of said electronic 
data to be communicated from said server (100; 400; 700) as 
one of said parameters. 

7. An apparatus according to claim 6, characterized m that said 
portion is an individual data stream. 

8. An apparatus according to claim 6 or 7. characterized in that 
said means (103) is adapted to decide for said multicast 
mechanism to be used for communicating said portion to said 
clients (102; 402; 702) when the number of client requests for 
said portion of said electronic data to be communicated from 
said server (100; 400; 700) is >=2 and otherwise for said unicast 
mechanism to be used. 

9. An apparatus according to any of claims 1-8, characterized 
in that said means (103) is adapted to make said decision based 
on the number of client requests for said electronic data to be 
communicated from said server (100; 400; 700) within the same 
distance from said server (100; 400; 700) as one of said 
parameters. 

10. An apparatus according to claim 9, characterized in that 
said distance is defined by a TTL value. 

11. An apparatus according to claim 9 or 10, characterized in 
that said means (103) is adapted to decide for said multicast 
mechanism to be used for communicating said electronic data to 
sa.d clients (102; 402; 702) when the number of client requests 

35 for said electronic data to be communicated from said server 
(100; 400; 700) within the same distance from said server (100- 
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400; 700) is >= 2 and otherwise for said unicast mechanism to 
be used. 

12. An apparatus according to any of claims 1-11, character- 
5 /zed in that said means (103) is adapted to mal^e said decision 

based on available server output bandwidth as one of said 
parameters. 

13. An apparatus according to claim 12. characterized in that 
10 said means (103) is adapted to decide for said multicast 

mechanism to be used for communicating said electronic data to 
said clients (102; 402; 702) when available server output 
bandwidth is less than that required to communicate further 
electronic data as a response to a client request and otherwise 
15 for said unicast mechanism to be used. 

14. An apparatus according to any of claims 1-13, character- 
ized in that, for providing secure data communication when said 
decision is for said multicast mechanism to be used for commu- 

20 nicating said electronic data to said clients (102; 402" 702) 
each of said clients (102; 402; 702) is adapted to communicate 
a first data encryption key to a device (403). that said device 
(403) is adapted to calculate a second data encryption key for 
each of said clients (102; 402; 702) through a predetermined 

25 operation using a unique client identifier and said first data en- 
cryption key, that said device (403) is adapted to communicate 
said second data encryption keys to each respective client (102; 
402; 702). that said server (100; 400; 700) is adapted to encrypt 
the electronic data to be communicated using a third data 

30 encryption key corresponding to the difference between said 
first and second data encryption keys according to said 
predetermined operation, that said server (100; 400; 700) is 
adapted to communicate the encrypted electronic data to each 
respective client (102; 402; 702), that each of said clients (102; 

35 402; 702) is adapted to create said third data encryption key 
using said first and second data encryption keys, and that each 
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Of said clients (102; 402; 702) is adapted to decrypt the 
communicated electronic data using said third data encryption 
key. 

5 15. An apparatus according to claim 14, characterized in that 
said device (403) is included in said server (100; 400; 700). 

16. An apparatus according to claim 14, characterized in that 

said system comprises an additional server (110; 410) and that 

10 said device (403) Is Included In said additional server MIO- 
410). ^ 

17. An apparatus according to any of claims 14-16, character- 
ized in that said unique client identifier is the IP address of the 

15 client (102; 402; 702). 

18. An apparatus according to any of claims 14-17. character- 
ized in that said device (403) is adapted to communicate said 
second data encryption keys only to clients (102; 402; 702) 

20 sending RTCP messages containing Receiver Reports. 

19. An apparatus according to any of claims 1-18, character- 
ized in that said server (100; 400; 700) is adapted to multicast 
said electronic data in a looped manner provided that said 

25 decision Is for said multicast mechanism to be used for 
communicating said electronic data to said clients (102- 402- 
702). 

20. An apparatus according to claim 19, characterized in that 
30 said server (100; 400; 700) Is adapted to multicast a plurality of 

data streams containing electronic data representing the same 
media content, that said server (100; 400; 700) is adapted to 
multicast each data stream to a different multicast address 
(703), and that each data stream Is arranged to start at a time 
35 different from the starting time of any other of said data streams. 
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21. An apparatus according to claim 20, characterized in that 
each data stream is part of a layered encoding, that each data 
stream is encoded with a common base layer and a unique en- 
hancement layer different from the enhancement layer of any 
5 other of said data streams, and that each client (102; 402; 702) 
is adapted to combine the base layer of one data stream with . 
enhancement layers from at least two different of said data 
streams. 

10 22. A method for communicating electronic data from a server 
(100; 400; 700) to one or more clients (102; 402; 702) via a 
network infrastructure (101; 401; 701) having a unicast 
mechanism and a multicast mechanism, said server (100; 400; 
700) containing electronic data and being capable of using said 

15 unicast and multicast mechanisms for communicating said 
electronic data to said one or more clients (102; 402; 702), 
characterized by the steps of: 

making a decision, taking into account a predetermined set of 
20 parameters, whether to use said unicast mechanism or said 
multicast mechanism for communicating said electronic data to 
said clients (102; 402; 702), and 

controlling said server (100; 400; 700) to communicate said 
25 electronic data to said clients (102; 402; 702) in accordance with 
said decision. 



23. A method according to claim 22, characterized by making 
said decision based on the number of client requests for said 

30 electronic data to be communicated from said server (100; 400; 
700) per unit of time as one of said parameters. 

24. A method according to claim 23, characterized by deciding 
for said multicast mechanism to be used for communicating said 

35 electronic data to said clients (102; 402; 702) when said number 
of client requests for said electronic data to be communicated 
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from said server (100; 400; 700) per unit of time Is >= 2 and 
otherwise for said unlcast mechanism to be used. 

25. A method according to any of claims 22-24. characterized 
5 by making said decision based on the number of client requests 

for a portion of said electronic data to be communicated from 
said server (1 00; 400; 700) as one of said parameters. 

26. A method according to claim 25. characterized in that said 
10 portion is an Individual data stream. 

27. A method according to claim 25 or 26, characterized by de- 
ciding for said multicast mechanism to be used for communicat- 
ing said portion to said clients (102; 402; 702) when the number 
of client requests for said portion of said electronic data to be 
communicated from said server (100; 400; 700) is >=2 and 
otherwise for said unlcast mechanism to be used. 

28. A method according to any of claims 22-27. characterized 
by making said decision based on the number of client requests 
for said electronic data to be communicated from said server 
(100; 400; 700) within the same distance from said server (100" 
400; 700) as one of said parameters. 

29. A method according to claim 28. characterized in that said 
distance is defined by a TTL value. 

30. A method according to claim 28 or 29. characterized by de- 
ciding for said multicast mechanism to be used for communicat- 
ing said electronic data to said clients (102; 402; 702) when the 
number of client requests for said electronic data to be 
communicated from said server (100; 400; 700) within the same 
distance from said server is >= 2 and otherwise for said unicast 
mechanism to be used. 
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31. A method according to any of claims 22-30, characterized 
by making said decision based on available server output band- 
width as one of said parameters. 

5 32. A method according to claim 31, characterized by deciding 
for said multicast mechanism to be used for communicating said 
electronic data to said clients (102; 402; 702) when available 
server output bandwidth is less than that required to 
communicate further electronic data as a response to a client 
10 request and otherwise for said unicast mechanism to be used. 

33. A method according to any of claims 22-32, characterized 
by, for providing secure data communication when said decision 
is for said multicast mechanism to be used for communicating 
15 said electronic data to said clients (102; 402; 702), having the 
steps of: 

obtaining a first data encryption key, 

20 calculating a second data encryption key for each of said clients 
(102; 402; 702) through a predetermined operation using a 
unique client Identifier and said first data encryption key, 

communicating said second data encryption keys to each re- 
25 spective client (102; 402; 702). 

encrypting the electronic data to be communicated using a third 
data encryption key corresponding to the difference between 
said first and second data encryption keys according to said 
30 predetermined operation, 

communicating the encrypted electronic data to each respective 
client (102; 402; 702), 



SDOCID: <WO 02067499A1 J_> 



wo 02/067499 



26 



PCT/SE02/00299 



creating said third data encryption key at each of said clients 
(102; 402; 702) using said first and second data encryption 
keys, and 

5 decrypting the connmunicated electronic data at each of said cli- 
ents (102; 402; 702) using said third data encryption key. 

34. A method according to claim 33, characterized in that said 
unique client identifier is the IP address of the client (102- 402" 

10 702). 

35. A method according to claim 33 or 34, characterized \n that 
said second data encryption keys only are communicated to cli- 
ents (102; 402; 702) sending RTCP messages containing 

15 Receiver Reports. 

36. A method according to any of claims 22-35, characterized 
in that said multicast electronic data is looped provided that said 
decision is for said multicast mechanism to be used for commu- 

20 nicating said electronic data to said clients (102; 402; 702). 

37. A method according to claim 36, characterized In that a plu- 
rality of data streams containing electronic data representing the 
same media content are multicast, that each data stream is 

25 multicast to a different multicast address (703), and that each 
data stream starts at a time different from the starting time of 
any other of said data streams. 

38. A method according to claim 37, characterized in that each 
30 data stream is part of a layered encoding, that each data stream 

is encoded with a common base layer and a unique enhance- 
ment layer different from the enhancement layer of any other of 
said data streams, and that each client (102; 402; 702) 
combines the base layer of one data stream with enhancement 
35 layers from at least two different of said data streams. 
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39. A computer program directly loadable into the internal mem- 
ory of a computer, comprising software for controlling the steps ■ 
of any of claims 22-38 when said program is run on the com- 
puter. 

5 

40. A computer program according to claim 39, provided at least 
partially through a network as the Internet. 

41. A computer readable medium, having a program recorded 
10 thereon, where the program is to make a computer control the 

steps of any of the claims 22-38. 

42. A method for secure multicasting of electronic data from a 
server (400) to a plurality of clients (402) via a network 

15 infrastructure (401). characterized by the steps of: 

obtaining a first data encryption key, 

calculating a second data encryption key for each of said clients 
20 (402) through a predetermined operation using a unique client 
identifier and said first data encryption key, 

communicating said second data encryption keys to each re- 
spective client (402), 

25 

encrypting the electronic data to be communicated using a third 
data encryption key corresponding to the difference between 
said first and second data encryption keys according to said 
predetermined operation, 

30 

communicating the encrypted electronic data to each respective 
client (402), 

creating said third data encryption key at each of said clients 
35 (402) using said first and second data encryption keys, and 
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decrypting the communicated electronic data at each of said cli- 
ents (402) using said third data encryption key. 

43. A method according to claim 42, characterized in that said 
5 unique client identifier is the IP address of the client (402). 

44. A method according to claim 42 or 43, characterized in that 
said second data encryption keys only are communicated to cli- 
ents (402) sending RTCP messages containing Receiver 

10 Reports. 

45. A computer program directly loadable into the internal mem- 
ory of a computer, comprising software for controlling the steps 
of any of claims 42-44 when said program is run on the com- 

16 puter. 

46. A computer program according to claim 45, provided at least 
partially through a network as the Internet. 

20 47. A computer readable medium, having a program recorded 
thereon, where the program is to make a computer control the 
steps of any of the claims 42-44. 

48. A system for secure multicasting of electronic data via a 
25 network Infrastructure (401), said system comprising a server 
(400) containing electronic data and a plurality of clients (402) 
to which said server (400) is adapted to multicast said electronic 
data, characterized in that each of said clients (402) is adapted 
to communicate a first data encryption key to a device (403), 
30 that said device (403) is adapted to calculate a second data 
encryption key for each of said clients (402) through a 
predetermined operation using a unique client identifier and said 
first data encryption key, that said device (403) Is adapted to 
communicate said second data encryption keys to each 
35 respective client (402) , that said server (400) is adapted to 
encrypt the electronic data to be communicated using a third 
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data encryption key corresponding to the difference between 
said first and second data encryption keys according to said 
predetermined operation, that said server (400) is adapted to 
communicate the encrypted electronic data to each respective 
5 client (402), that each of said clients (402) is adapted to create 
said third data encryption key using said first and second data 
encryption keys, and that each of said clients (402) is adapted 
to decrypt the communicated electronic data using said third 
data encryption key. 

10 

49. A system according to claim 48, characterized In that said 
device (403) Is Included in said server (400). 

50. A system according to claim 48, characterized In that said 
15 system comprises an additional server (410) and that said 

device (403) is Included In said additional server (410). 

51. A system according to any of claims 48-50, characterized In 
that said unique client identifier Is the IP address of the client 

20 (402). 

52. A system according to any of claims 48-51, characterized in 
that said device (403) Is adapted to communicate said second 
data encryption keys only to clients (402) sending RTCP 

25 messages containing Receiver Reports. 

53. A method for multicasting electronic data from a server (700) 
to one or more clients (702) via a network Infrastructure (701). 
characterized in that said multicast electronic data is looped 

30 

54. A method according to claim 53. characterized in that a plu- 
rality of data streams containing electronic data representing the 
same media content are multicast, that each data stream is 
multicast to a different multicast address (703), and that each 

35 data stream starts at a time different from the starting time of 
any other of said data streams. 
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55. A method according to claim 54, characterized in that each 
data stream is part of a layered encoding, that each data stream 
is encoded with a common base layer and a unique enhance- 
5 ment layer different from the enhancement layer of any other of 
said data streams, and that each client (702) combines the base 
layer of one data stream with enhancement layers from at least 
two different of said data streams. 

10 56. A computer program directly loadable into the internal mem- 
ory of a computer, comprising software for controlling the steps 
of any of claims 53-55 when said program is run on the com- 
puter. 

15 57. A computer program according to claim 56, provided at least 
partially through a network as the Internet. 

58. A computer readable medium, having a program recorded 
thereon, where the program is to make a computer control the 

20 steps of any of the claims 53-55. 

59. A system for multicasting electronic data via a network infra- 
structure (701), said system comprising a server (700) 
containing electronic data and a plurality of clients (702) to 

25 which said server (700) is adapted to multicast said electronic 
data, characterized in that said server (700) is adapted to 
multicast said electronic data in a looped manner. 

60. A system according to claim 59, characterized in that said 
server (700) is adapted to multicast a plurality of data streams 
containing electronic data representing the same media content 
that said server (700) is adapted to multicast each data stream 
to a different multicast address (703). and that each data stream 
is arranged to start at a time different from the starting time of 

35 any other of said data streams. 
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61. A system according to claim 60, characterized in that each 
data stream is part of a layered encoding, that each data stream 
is encoded with a common base layer and a unique enhance- 
ment layer different from the enhancement layer of any other of 

5 said data streams, and that each client (702) is adapted to 
combine the base layer of one data stream with enhancement 
layers from at least two different of said data streams. 

62. A method for multicasting electronic data from a server (700) 
0 to one or more clients (702) via a network infrastructure (701), 

characterized by the steps of: 

encoding a plurality of data streams containing electronic data 
representing the same media content according to a layered en- 
5 coding so that each of said data streams is encoded with a 
common base layer and a unique enhancement layer different 
from the enhancement layer of any other of said data streams. 

multicasting each of said data streams to a different multicast 
address (703), and 

combining the base layer of one data stream with enhancement 
layers from at least two different of said data streams. 
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